Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/ce1677-d927-44c6-a909-3b2b51a5e3da/1/QBvaKUProLFwUadr8JLWlBh2UrE.roa
File: QBvaKUProLFwUadr8JLWlBh2UrE.roa (raw, json)
Hash identifier: xpxsGWmbgKM4U5yVDwdEgOHu1jns29KEhnZ49U4Y2OU=
Subject key identifier: 40:1B:DA:29:43:EB:A0:B1:70:51:A7:6B:F0:92:D6:94:18:76:52:B1
Certificate issuer: /CN=08bf59899b7aca30a3c7d5db93b212d98709c89b
Certificate serial: 019424B3C853A4B5B28D9D975EA13CEDD75C
Authority key identifier: 08:BF:59:89:9B:7A:CA:30:A3:C7:D5:DB:93:B2:12:D9:87:09:C8:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CL9ZiZt6yjCjx9Xbk7IS2YcJyJs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/ce1677-d927-44c6-a909-3b2b51a5e3da/1/QBvaKUProLFwUadr8JLWlBh2UrE.roa
Signing time: Thu 02 Jan 2025 01:49:09 +0000
ROA not before: Thu 02 Jan 2025 01:49:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58308
IP address blocks: 91.109.120.0/21 maxlen: 21
185.144.152.0/22 maxlen: 22
2a01:66c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:c8:53:a4:b5:b2:8d:9d:97:5e:a1:3c:ed:d7:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08bf59899b7aca30a3c7d5db93b212d98709c89b
Validity
Not Before: Jan 2 01:49:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=401bda2943eba0b17051a76bf092d694187652b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:76:f6:bd:5c:6d:ee:b0:b8:03:7e:d0:16:98:
fa:07:9a:cc:17:01:a3:c1:20:c8:c2:68:29:3b:54:
38:a9:08:ce:b8:af:57:5f:f5:d9:28:63:f0:de:6a:
f5:e2:03:17:8a:81:9c:d6:35:24:d9:9a:2d:f4:e1:
03:f8:d2:2d:59:a9:4d:b3:2a:17:ce:8d:c0:a1:c1:
af:55:db:51:ec:5a:2b:fe:47:d4:99:47:bd:d9:81:
5f:be:aa:46:2c:f9:e2:91:bf:ad:af:a8:f3:f3:3c:
ac:30:e3:69:eb:47:3a:47:c7:bb:79:59:26:76:ad:
9f:6a:cf:0f:8a:f6:df:96:e2:82:ef:c8:3a:c2:27:
f6:e6:22:2d:c1:25:17:ef:37:a7:63:1e:b3:7b:5d:
5d:1f:7e:72:05:90:6d:b7:ac:bc:ee:fd:5e:cc:83:
42:59:02:ec:70:ce:8b:ed:74:55:46:3a:73:6e:7d:
bc:f5:05:f8:61:0d:74:c2:ca:55:ce:44:03:4c:a8:
88:0e:2f:8b:ca:f7:8c:38:26:86:d9:06:ca:67:b1:
4e:7a:a1:f7:05:ac:41:bc:0b:be:61:0e:0f:39:8b:
2d:e6:3b:9f:d4:13:bd:b0:05:96:e3:9d:05:d4:5a:
af:bc:41:fa:11:72:a1:07:3f:1c:bc:47:56:1d:b6:
54:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:1B:DA:29:43:EB:A0:B1:70:51:A7:6B:F0:92:D6:94:18:76:52:B1
X509v3 Authority Key Identifier:
keyid:08:BF:59:89:9B:7A:CA:30:A3:C7:D5:DB:93:B2:12:D9:87:09:C8:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CL9ZiZt6yjCjx9Xbk7IS2YcJyJs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/ce1677-d927-44c6-a909-3b2b51a5e3da/1/QBvaKUProLFwUadr8JLWlBh2UrE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/ce1677-d927-44c6-a909-3b2b51a5e3da/1/CL9ZiZt6yjCjx9Xbk7IS2YcJyJs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.109.120.0/21
185.144.152.0/22
IPv6:
2a01:66c0::/32
Signature Algorithm: sha256WithRSAEncryption
5b:26:07:34:9a:78:2a:ad:6b:51:3f:1f:d5:28:2b:b2:56:8d:
ce:88:24:2e:e5:99:31:5e:ba:d6:0b:71:83:4c:d0:99:a3:a2:
3c:b0:bb:29:cc:c8:41:26:12:fd:32:48:d6:aa:e7:da:d7:d4:
cc:d6:98:a2:db:61:ce:f8:7b:b8:e7:57:c6:25:52:c0:03:fb:
c0:ec:85:9b:0b:92:a6:06:6b:9e:78:44:2b:cc:d0:1a:a7:fa:
1b:6b:16:d4:eb:0c:60:53:b9:3a:d2:a4:a8:be:55:eb:1a:d7:
ca:0a:69:fe:58:15:83:64:20:9f:3f:2d:4c:87:ea:29:ab:4c:
98:9f:39:5d:05:af:9d:08:2b:70:8d:a4:17:3d:51:c6:66:5c:
19:93:75:e1:45:1f:10:f7:89:3f:ab:73:c3:f4:5d:9e:8a:38:
93:59:f7:da:2b:96:f2:30:d9:e6:4c:1b:4b:1a:a2:6a:ad:9f:
37:6c:e1:d0:a4:a1:1e:05:be:8b:9d:74:ac:9e:96:61:3a:f4:
0f:48:5d:82:b6:e2:16:0d:ec:ca:3d:66:8a:1f:89:61:b8:5b:
39:a6:41:7e:cb:6b:0e:92:1a:c2:9c:4e:ab:a4:1b:c8:a8:40:
ab:69:52:75:a9:51:ff:8d:51:36:49:76:e6:6d:a0:00:a4:e8:
68:67:e8:77
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQks8hTpLWyjZ2XXqE87ddcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YmY1OTg5OWI3YWNhMzBhM2M3ZDVkYjkzYjIxMmQ5ODcw
OWM4OWIwHhcNMjUwMTAyMDE0OTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDFiZGEyOTQzZWJhMGIxNzA1MWE3NmJmMDkyZDY5NDE4NzY1MmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHb2vVxt7rC4A37QFpj6B5rMFwGj
wSDIwmgpO1Q4qQjOuK9XX/XZKGPw3mr14gMXioGc1jUk2Zot9OED+NItWalNsyoX
zo3AocGvVdtR7For/kfUmUe92YFfvqpGLPnikb+tr6jz8zysMONp60c6R8e7eVkm
dq2fas8PivbfluKC78g6wif25iItwSUX7zenYx6ze11dH35yBZBtt6y87v1ezINC
WQLscM6L7XRVRjpzbn289QX4YQ10wspVzkQDTKiIDi+LyveMOCaG2QbKZ7FOeqH3
BaxBvAu+YQ4POYst5juf1BO9sAWW450F1FqvvEH6EXKhBz8cvEdWHbZUdQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEAb2ilD66CxcFGna/CS1pQYdlKxMB8GA1UdIwQY
MBaAFAi/WYmbesowo8fV25OyEtmHCcibMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0w5WmladDZ5akNqeDlYYms3SVMyWWNKeUpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9jZTE2NzctZDkyNy00NGM2LWE5MDkt
M2IyYjUxYTVlM2RhLzEvUUJ2YUtVUHJvTEZ3VWFkcjhKTFdsQmgyVXJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9jZTE2NzctZDkyNy00NGM2LWE5MDktM2IyYjUxYTVlM2Rh
LzEvQ0w5WmladDZ5akNqeDlYYms3SVMyWWNKeUpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDW214AwQC
uZCYMA0EAgACMAcDBQAqAWbAMA0GCSqGSIb3DQEBCwUAA4IBAQBbJgc0mngqrWtR
Px/VKCuyVo3OiCQu5ZkxXrrWC3GDTNCZo6I8sLspzMhBJhL9MkjWqufa19TM1pii
22HO+Hu451fGJVLAA/vA7IWbC5KmBmueeEQrzNAap/obaxbU6wxgU7k60qSovlXr
GtfKCmn+WBWDZCCfPy1Mh+opq0yYnzldBa+dCCtwjaQXPVHGZlwZk3XhRR8Q94k/
q3PD9F2eijiTWffaK5byMNnmTBtLGqJqrZ83bOHQpKEeBb6LnXSsnpZhOvQPSF2C
tuIWDezKPWaKH4lhuFs5pkF+y2sOkhrCnE6rpBvIqECraVJ1qVH/jVE2SXbmbaAA
pOhoZ+h3
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:29 2025 by rpki-client on console.sobornost.net